Jean Gordon Kocienda, global threat analyst, Cisco
Jean Gordon Kocienda, global threat analyst, Cisco

Every December, publications of all kinds submit their predictions on a plethora of subjects for the coming year.  These prognostications generally fail at accurately predicting much that wasn't an already a foregone conclusion.  Yet they always seem to draw an audience. This is probably because lists are easy to speed-read. They lend themselves to the instant information world. But there is another reason — because their value is perhaps not so much in their ability to see the unseeable as because they allow us to take stock of the current situation and project trend lines forward.  Predictions are really more what we know right now, and there is value in that.  So with that disclaimer, we submit the following:

Changes in the global framework governing the internet
It is no secret that government policies around the world have had trouble keeping pace with the cultural and economic changes enabled by the internet. At the same time, the internet would not be the juggernaut it is without its borderless and unregulated nature. The internet has developed around a multi-stakeholder model led by the Internet Corporation for Assigned Names and Numbers (ICANN). In recent years, some stakeholders have called for a more government-centric model of internet governance. In 2014, this conversation will intensify. Debate topics will include whether governance of the internet should change, and what sort of new governing bodies might find consensus, as stakeholders consider the risks of internet balkanization and the potential stifling effects of mounting regulatory requirements.

The ethics of threat intelligence sharing
Threat intelligence sharing has always been tricky. By its very nature, information that is helpful when shared might give a competitor or adversary an edge. Moreover, organizations reporting a compromise could be interpreted as admitting weakness or legal culpability. Because threat information sharing is risky, it must be built on trusted relationships that may be years in the making. The setbacks in trust brought about by this year's revelations of pervasive online surveillance may impact public-private and government-to-government cyber security information sharing efforts in 2014. And new revelations may be in the offing. All of this may put the mechanics and ethics of information sharing under the microscope: How do we define the relationships between government and the private sector, when they share responsibility for the resilience of critical infrastructure? How does increased public scrutiny impact the unwritten diplomatic rules that govern international alliances? How much privacy are we willing to sacrifice in the name of security, and how do we build a single framework if the answers to these questions differ based on where we stand?

Hacktivists and cyber Criminals pool their interests
Until recently, politically-motivated hacktivists and profit-motivated cyber criminals had little overlap. Hacktivists and terrorists prefer big, loud attacks to disrupt and undermine trust in IT infrastructure. Cyber criminals and spies work quietly, preferring their targets to remain unaware. Recently, however, the interests of hacktivists and criminals may be converging. In 2013, we saw distributed denial-of-service (DDoS) incidents, such as the “Dark Seoul” attacks on Korean banks, which appear to have been staged to distract defender attention away from criminally-motivated data and resource theft.

This raises a number of possibilities. Hacktivists and terrorists could be adding quiet penetration skills to their repertoire. Criminals may be conjuring DDoS attacks to create diversions. Or, perhaps most intriguing, criminals might be contracting with hacktivists for a share of the take in a kind of distributed denial-of-service-as-a-service approach to political fundraising.

The great unraveling
We may be going out on a limb here, but it seems that the inter-connectedness of our lives and economies made possible by the internet are creating a secondary, opposite reaction. As our economic interdependence deepens and communication becomes easier, central authorities of all kinds are being weakened. Power and influence are devolving to smaller, regional or individual sub-groupings. Conflicting interests and arrests of leaders of the Anonymous hacker collective, for example, may be eroding that group's cohesion, while regional or interest-based hacker groups are rising in influence. National borders established early in the 20th century are being challenged. The influence and reach of the nation state seems overshadowed by the rising power of mega-urban centers, ethnic, religious, and interest groups, and even multinational corporations. Even as the internet brings us together, it makes it easier for us to choose who we listen to, and that threatens to emphasize our differences and drive us apart. 

New metrics help quantify the challenge
Former White House cyber security chief Melissa Hathaway recently published a paper titled “The Cyber Readiness Index 1.0,” an effort to quantify progress made by nations to implement cyber security. She posits that the economic benefits brought by internet adoption are being eroded by online theft and malfeasance, and argues that quantifying the challenge is the first step in tackling it. Until recently, many organizations treated security as an afterthought, but the creation of metrics such as the Cyber Readiness Index may help network stakeholders to grasp the scope of the problem by providing an empirical yardstick for assessing the national cyber risk/benefit quotient, and to measure progress.